Job Description JOB TITLE: Senior IT Security Analyst LEVEL/BAND: MM22 DEPARTMENT: Technology DIRECT REPORT (JOB TITLE): Senior IT Security and Networks Management Manager Overall Purpose of the Position The IT Security Analyst is responsible for protecting all sensitive information within the Bank. The Analyst is responsible for ensuring all networks have adequate security to prevent unauthorized access and must develop reports to share with management about the efficiency of security policies. Moreover, the Analyst is responsible to implement, support and monitor systems used for security controls, such systems are firewalls, routers, switches, IPS/IDS and endpoint security systems. The IT Security Analyst must also organize and conduct training for all employees regarding company security. Also, the Analyst is responsible for researching, planning, designing, and maintaining the disaster recovery within the Bank and conducting periodic disaster recovery simulations and training for the IT department. Operational Responsibilities Plan, design and implement IT security and network infrastructure, including firewalls, host security, file permissions, backup and disaster recovery plans, file system integrity, proxy servers, application firewalls, anti-virus, and anti-malware; Supervise and manage technical support including installation, configuration, upgrades, maintenance, and repair of standard security hardware, software, and peripherals; Plan and manage the implementation of new software and hardware solutions, continuously upgrading and improving IT processes; Implement patches to IT security equipment using a low-risk approach; Design and manage firewalls, IPS/IDS, and web filters; Implement and manage Security Information and Event Management (SIEM) systems; Use network management systems to collect routine load statistics and produce network performance statistics; Provide direct training and oversight to staff and third parties to ensure proper IT security clearance; Assist in documenting and implementing policies related to IT security and disaster recovery; Promote IT security awareness within the Bank; Conduct periodic vulnerability and penetration tests of IT assets; Monitor compliance with IT Security policies and report infringements; Advise on IT security technologies and regulatory compliance issues; Identify IT security and disaster recovery risks to comply with Bank policies; Assist with IT security incidents according to procedures; Implement and monitor internal control systems to maintain appropriate IT security levels; Maintain and support the access network by resolving problems and performance monitoring; Maintain the Configuration Management Database for IT security equipment; Coordinate in the design, implementation, and testing of disaster recovery for new projects; Conduct applied research on new IT Security and Communications technologies; Be part of the on-call support team according to a schedule. General Responsibilities Submit reports and participate in projects as directed by the Manager; Ensure compliance with Bank’s policies and procedures; Attend meetings and take minutes as required; Ensure a high quality of work and service; Perform standard office procedures; Perform other duties as assigned; Attend training as requested by the Bank. Qualifications, Skills & Competencies Mandatory Skills: Knowledge in IT technologies such as firewalls, network access control, IDS/IPS, operating systems (Windows and Linux), IP Protocols, endpoint security, and related system tools. Ideally possess ITIL v3 skills; Excellent analytical, troubleshooting, and interpersonal skills; Good troubleshooting skills; Good communication and report writing skills; Team player, reliable, and able to work independently. Experience: At least two years’ experience working with technologies, particularly in Windows OS, Linux OS, Cisco, Checkpoint, Juniper, Forcepoint, Proofpoint, and LogRhythm. Qualification: Preferably a degree/diploma in IT, Computer Science, or a related field. Desirable Skills: Penetration and vulnerability testing; DLP, anti-virus, and anti-malware; Windows and Linux operating systems; TCP/IP, computer networking, routing and switching; Network protocols and packet analysis tools; Disaster Recovery; Familiarity with ISO 27001 standards. Experience: - Qualification: Industry-specific certification such as CCNA Security and CISA. Position Level: Head of Department Managerial & Specialist Positions Middle Management & Specialist Positions Technical & Clerical Positions J-18808-Ljbffr